[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#753704: ITP: amap -- Next-generation scanning tool for pentesters

On Mon, Jul 07, 2014 at 12:19:15AM +0200, Jakub Wilk wrote:
> * Adam Borowski <kilobyte@angband.pl>, 2014-07-06, 21:04:
> >I see some legitimate scenarios for a single package to have
> >something both in $X/bin and $X/sbin, but not really across
> >package boundaries.
> These are deliberate:

None of your examples break policy 10.1: they don't install something with a
different functionality, just wrappers and/or different implementation.
The abuse we're trying to prevent is putting totally different things under
the same basename, like amap the biology tool vs amap the network scanner.

> * safe-rm ships /usr/bin/rm;
> * molly-guard ships /usr/sbin/{halt,poweroff,reboot,shutdown}

These are wrappers which add some checks.
> * elvis-tiny ships /bin/vi (like other vi clones, it also installs
> an alternative for /usr/bin/vi)

This provides a lightweight implementation of same functionality for those
who use the obsolescent /usr split.

Another case would be colorgcc or ccache: they use PATH ordering (not
installed by default) to do their thing.

By the way, it would be nice to have a common scheme for installing wrappers
of this kind -- especially if /bin vs /usr/bin is going to go away.

> Would you call them “legitimate” or not?

I'd use the policy 10.1 test here: variants of same functionality are
legitimate, unrelated functionality is not.

Gnome 3, Windows 8, Slashdot Beta, now Firefox Ribbon^WAustralis.  WTF is going
on with replacing usable interfaces with tabletized ones?

Reply to: